Download Latest Version v1.4.1 source code.tar.gz (4.7 MB)
Email in envelope

Get an email when there's a new version of Kubernetes Gateway API

Home / v1.3.0
Name Modified Size InfoDownloads / Week
Parent folder
README.md 2025-04-24 24.5 kB
0
v1.3.0 source code.tar.gz 2025-04-24 4.5 MB
0
v1.3.0 source code.zip 2025-04-24 5.3 MB
0
standard-install.yaml 2025-04-24 616.8 kB
0
experimental-install.yaml 2025-04-24 999.4 kB
0
Totals: 5 Items   11.4 MB 0

Changes since v1.3.0-rc.2

Changes since v1.2.1

Noteworthy Changes for Implementors

This section is intended to be a guide for API changes that might inspire or require implementation changes. None of these API changes represent breaking changes.

OverlappingTLSConfig for Connection Coalescing

A new OverlappingTLSConfig condition has been added to Gateway Listeners to indicate situations where Connection Coalescing could be problematic. The Gateway specification for handling Hostname and SNI matching for HTTPS requests has been clarified and now recommends that implementations return 421 HTTP code responses in certain cases.

  • Implementation of GEP-3567 - TLS Updates for Connection Coalescing. (#3630,@robscott)
  • Add GEP-3567: Gateway TLS Updates for HTTP/2 Connection Coalescing. (#3572,@robscott)

Move BackendTLSPolicy SubjectAltNames from Core to Extended

  • The SubjectAltNames field of BackendTLSPolicy changed from Core to Extended feature. (#3591,@mlavacca)

The backendRef filter must send traffic to the correct backends when weighted routing is configured

  • A new conformance test was added to ensure backendRef filters don't affect weighted routing. (#3604,@dprotaso)

Clarify reasons for certain object status conditions

  • Set proper reason for Gateway parametersRef Accepted condition when parametersRef is invalid. (#3579,@mlavacca)
  • Improve GatewayClass GatewayClassReasonInvalidParameters reason description. (#3553,@mlavacca)

BackendTLSPolicy

  • CEL validation for target references in BackendTLSPolicy. (#3496,@snorwin)

GRPCRoute

Gateway.Spec.Addresses changes

A new type GatewaySpecAddress replaces GatewayAddress. In GatewayAddress the Value field was required. In GatewaySpecAddress the Value field is optional. When the Value is unspecified, if an implementation supports that, it SHOULD automatically assign an address. If an implementation does not support an empty Value, it MUST set the Programmed condition in status to false with a reason of "AddressNotAssigned". The Addresses field in Gateway.Spec has changed from type []GatewayAddress to []GatewaySpecAddress.

  • Make the value field in Gateway.Spec.Addresses array optional (#3616,@EyalPazz)

Standard Channel Additions and Changes

The Standard channel is Gateway API's set of maximally-stable install files. Only features with the best testing and support are added to the standard channel. This channel should be considered GA or stable, and future changes will be fully backwards compatible.

Percentage-Based Request Mirroring 🎉

This feature enhances the existing request mirroring feature by allowing users to specify a percentage of requests to be mirrored in both HTTPRoute and GRPCRoute objects.

This feature has graduated to Standard and is now considered GA or Stable.

This feature's name for conformance tests (and GatewayClass status reporting) is HTTPRouteRequestPercentageMirror.

This feature's status is Extended, meaning that it is optional for implementations to support. If you're using Experimental Channel, you can refer to the supportedFeatures field in the status of any GatewayClass.

Relevant PRs: - Promote percentage-based-request-mirroring GEP-3171 to standard (#3638,@LiorLieberman) - Add conformance tests for percentage-based request mirroring (#3508,@LiorLieberman)

Experimental Channel Additions and Changes

The Experimental Channel is Gateway API's channel for testing out changes and gaining confidence with them before allowing them to go to Standard.

This channel may include features that are changed or removed later!

New experimental resources now start with "X"

This release introduces 2 new experimental resources:

  • XBackendTrafficPolicy
  • XListenerSet

Both of these resources are described in more detail below. As you may notice, these resource names start with X and are part of an effort to distinguish experimental channel resources from standard channel resources.

In addition to the separate names, these resources are also part of the x-k8s.io API group instead of k8s.io, as a further effort to signal the experimental nature of these resources.

In practice this means two things:

1) These resources can coexist with standard channel resources 2) Migrating to standard channel will require recreating these resources with the standard channel names and API Group (both lacking the "x" prefix)

For more context on this change, refer to the related discussion.

CORS (Cross Origin Resource Sharing) Filter

GEP-1767 describes how to add configuration of CORS filters on HTTPRoute objects, and in this release, this change has moved to Experimental.

Please see the GEP reference document or the API reference for the details.

This feature has graduated to Experimental and should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.

This feature does not currently have a feature name defined.

This feature's status is Extended, meaning that it is optional for implementations to support.

As there is no feature name or conformance testing available for this feature yet, please check your implementation's documentation to see if it is supported.

Relevant PRs: - Implementing CORS Filter for HTTPRoute (#3637,@robscott) - Change HTTPRouteFilter.CORS.AllowCredentials to expect a boolean and not a string (#3656,@EyalPazz) - Add CORS to HTTPRouteFilterType (#3668,@EyalPazz)

XListenerSets (Standard Mechanism to Merge Gateways)

GEP-1713 defines a new mechanism to merge listeners into a single Gateway, and in this release, this change has moved to Experimental. Following a new naming convention, an experimental object name is prefaced with an X, thus ListenerSet has changed to XListenerSet. The object group name has changed from gateway.networking.k8s.io to gateway.networking.x-k8s.io.

Please see the GEP reference document or the API reference for the details.

This feature has graduated to Experimental and should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.

This feature does not currently have a feature name defined.

This feature's status is Extended, meaning that it is optional for implementations to support.

As there is no feature name or conformance testing available for this feature yet, please check your implementation's documentation to see if it is supported.

Relevant PRs: - Clarified what it means for Gateway Listeners to be distinct (#3477,@youngnick) - GEP-1713: Standard Mechanism to Merge Multiple Gateways (#3213),@dprotaso) - Update GEP-1713 - Support attaching ListenerSets across namespaces (#3632,@dprotaso) - GEP-1713: Standard Mechanism to Merge Multiple Gateways - move GEP Link to Experimental (#3664),@gcs278) - Refactor codegen scripts to make it easier to generate two clients (#3589,@dprotaso) - Add ListenerSet GEP-1713 to the website (#3587,@dprotaso) - Introduces ListenerSet API & Generate Clients (in the group gateway.networking.k8s-x.io) (#3588,@dprotaso) - The resource ListenerSet has been renamed to XListenerSet. The Resource BackendTrafficPolicy has been renamed to XBackendTrafficPolicy. (#3682,@mlavacca)

XBackendTrafficPolicy (Retry Budgets)

GEP-3388 specifies the configuration of a "retry budget" across all endpoints of a destination service in order to prevent additional client-side retries after reaching a configured threshold. The budget can be configured using a maximum percentage of active requests, or an interval during which requests will be considered. In this release, this change has moved to Experimental. Following a new naming convention, an experimental object name is prefaced with an X, thus BackendTrafficPolicy has changed to XBackendTrafficPolicy. The object group name has changed from gateway.networking.k8s.io to gateway.networking.x-k8s.io.

Please see the GEP reference document or the API reference for the details.

This feature has graduated to Experimental and should now be used for testing and verification purposes only. Experimental features may be changed or removed in a future version.

This feature does not currently have a feature name defined.

This feature's status is Extended, meaning that it is optional for implementations to support.

As there is no feature name or conformance testing available for this feature yet, please check your implementation's documentation to see if it is supported.

Relevant PRs: - Adds a new BackendTrafficPolicy with ability to configure budgeted retries (#3607,@ericdbishop) - Add GEP-3388 HTTP Retry Budget (#3488,@ericdbishop) - The resource ListenerSet has been renamed to XListenerSet. The Resource BackendTrafficPolicy has been renamed to XBackendTrafficPolicy. (#3682,@mlavacca) - Retry budget fields are now in their own struct, moving from budgetPercent and budgetInterval to budget.percent and budget.interval respectively. (#3695,@youngnick)

BackendLBPolicy has been replaced by XBackendTrafficPolicy

In the interest of combining similar concepts in a single policy, we've decided to merge the contents of BackendLBPolicy (session persistence) into XBackendTrafficPolicy (retry budgets).

  • BackendLBPolicy has been renamed to XBackendTrafficPolicy (#3692,@robscott)

GEPs

Documentation

Cleanup

  • Remove mkdocs-material-extensions from requirements.txt (#3666, @gcs278)
  • Remove extra newlines and format descriptions of items for code generation (#3574,@snorwin)
  • Fix mkdocs so at least 3 conformance reports are uploaded before update (#3549,@xtineskim)
  • Dependencies have been upgraded to Kubernetes v1.32 and Go v1.24 (#3697,@robscott)

Bug or Regression

  • Sort api versions when updating clientset during code generation (#3652,@bentheelder)
  • Retry failed calls when waiting for namespace ready in tests (#3627,@aojea)
  • Some tests are not formatted properly (#3610,@EyalPazz)
  • Doesn't allow a user to provide both an asterisk and another method/s along with it in HTTPCORSFilter.AllowMethods (#3667,@EyalPazz)

Dependencies

Added

Changed

Removed

Source: README.md, updated 2025-04-24